Azure Platform and Microsoft Technologies

Azure Application Architecture : N-tier

The n-tier (multi-tier) architecture is the traditional three-tier application separate with layers of services that has is own responsibility. It can be a logical or physical layers. The typical layers are the presentation (web), a middle tier (application/business) and the data layer (database). You can add any extra layers depending on the needs of the application or it could also be constituted with the presentation and data layer only.

When to use the n-tier architecture

When you have a simple application to build

When you want to migrate your application from on-prem to Azure with minimal change

When you combine both infrastructure locations in your development. Exemple: Web servers in Azure and database on-prem.

++

Portability of services between Azure cloud and on-prem

Less learning curve for the dev team

The tiers being physically/virtually decoupled, it improves the scalability, resiliency and security of the architecture

Its the natural evolution from the traditional application model

Heterogeneous environment (Windows/Linux)

– –

The middle tier (application) can become extremely taxing with CRUD operations for the database, adding extra latency.

Harder to deploy extra features with an interdependent architecture as the n-tier

Extra work to manage the many physicals/virtuals servers with the patching/updates/bugs/monitoring

It can be harder to manage the network security in a larger system

Best practices with a n-tier in Azure

Add auto-scaling to handle changes in load

Use asynchronous messaging to decouple tiers

Use cache for semi-static data

Configure the database with a high-availability solution (Always-on)

Place a web application firewall (WAF) between the front-end and internet

Each servers for each tier has its own subnet to create boundaries

Use network security group to route traffic from front-end to middle tier and middle tier to data tier

Add a jumpbox that will let you remote the others servers from it configure with a NSG

Load balancer to distribute traffic for each tiers

For extra security, add a DMZ in front of the front-end tier with virtual appliance

Good exemple here on how to deploy a n-tier architecture with sql server in azure.